fpc fails?

a guest
Dec 5th, 2011
I've looked at this in a debugger.
It appears that in the body of the loop, variables stored on the stack are not referenced correctly.
In particular, they seem to ignore the change in the stack pointer that happens as a result of the PUSH at 004AD416.

004AD3D0 /$ 83EC 40 SUB ESP,40
004AD3D3 |. 895C24 34 MOV DWORD PTR SS:[ESP+34],EBX
004AD3D7 |. 897424 38 MOV DWORD PTR SS:[ESP+38],ESI
004AD3DB |. 897C24 3C MOV DWORD PTR SS:[ESP+3C],EDI
004AD3DF |. 885424 28 MOV BYTE PTR SS:[ESP+28],DL ; Loading AmmoID argument onto stack
004AD3E3 |. C74424 30 0000>MOV DWORD PTR SS:[ESP+30],0 ; Load nil into local variable SeekAmmo
004AD3EB |. C64424 2C FF MOV BYTE PTR SS:[ESP+2C],0FF ; Load 255 into local variable afnum
004AD3F0 |. 89C7 MOV EDI,EAX
004AD3F2 |. E8 39070000 CALL doomrl.004ADB30
004AD3F7 |. 89C6 MOV ESI,EAX
004AD3F9 |. 85C0 TEST EAX,EAX
004AD3FB |. 0F84 91000000 JE doomrl.004AD492
004AD401 |. 89E1 MOV ECX,ESP
004AD403 |. 8D5424 0C LEA EDX,DWORD PTR SS:[ESP+C]
004AD407 |. B8 01000000 MOV EAX,1
004AD40C |. E8 9FD8F5FF CALL doomrl.0040ACB0
004AD411 |. E8 7AFAF5FF CALL doomrl.0040CE90
004AD416 |. 50 PUSH EAX ; Push; AmmoID now at ESP+2C
004AD417 |. 85C0 TEST EAX,EAX
004AD419 |. 75 59 JNZ SHORT doomrl.004AD474
004AD41B |. EB 4C JMP SHORT doomrl.004AD469 ; Jump to loop start
004AD41D | 8D76 00 LEA ESI,DWORD PTR DS:[ESI]
004AD420 |> 89F0 MOV EAX,ESI ; Loop lead
004AD422 |. E8 69070000 CALL doomrl.004ADB90 ; EAX -> ammo (call to enumerator's GetCurrent)
004AD427 |. 89C3 MOV EBX,EAX ; EBX -> ammo
004AD429 |. 89F8 MOV EAX,EDI
004AD42B |. BA C8524F00 MOV EDX,doomrl.004F52C8 ; EDX -> constant string (added so I could find the relevant function in the disassembly)
004AD430 |. 8B0F MOV ECX,DWORD PTR DS:[EDI]
004AD432 |. FF51 6C CALL DWORD PTR DS:[ECX+6C] ; Print constant string to log file
004AD435 |. 89D8 MOV EAX,EBX
004AD437 |. E8 C450FFFF CALL doomrl.004A2500 ; AL := isAmmo (works properly)
004AD43C |. 84C0 TEST AL,AL
004AD43E |. 74 29 JE SHORT doomrl.004AD469 ; If not isAmmo then jump to loop start
004AD440 |. 8A83 C1000000 MOV AL,BYTE PTR DS:[EBX+C1] ; AL := ammo.NID
004AD446 3A4424 28 CMP AL,BYTE PTR SS:[ESP+28] ; PROBLEM: the ammoID argument is now at ESP+2C
004AD44A |. 75 1D JNZ SHORT doomrl.004AD469 ; If ammo.NID ~= ammoID then jump to loop start
004AD44C |. 66:0FB64424 2C MOVZX AX,BYTE PTR SS:[ESP+2C] ; PROBLEM: the afnum local is now at ESP+30
004AD452 |. 66:3B83 CA0000>CMP AX,WORD PTR DS:[EBX+CA]
004AD459 |. 76 0E JBE SHORT doomrl.004AD469 ; If afnum <= ammo.Ammo then goto loop start
004AD45B |. 895C24 30 MOV DWORD PTR SS:[ESP+30],EBX ; SeekAmmo := ammo (PROBLEM: wrong stack offset again)
004AD45F |. 8A83 CA000000 MOV AL,BYTE PTR DS:[EBX+CA] ; AL := ammo.Ammo
004AD465 |. 884424 2C MOV BYTE PTR SS:[ESP+2C],AL ; afnum := AL (PROBLEM: wrong stack offset again)
004AD469 |> 89F0 MOV EAX,ESI ; Loop start
004AD46B |. E8 F0070000 CALL doomrl.004ADC60
004AD470 |. 84C0 TEST AL,AL
004AD472 |.^75 AC JNZ SHORT doomrl.004AD420 ; If enumerator MoveNext returns true, jump to loop head
004AD474 |> E8 07DBF5FF CALL doomrl.0040AF80
004AD479 |. 89F0 MOV EAX,ESI
004AD47B |. BA 01000000 MOV EDX,1
004AD480 |. 8B0E MOV ECX,DWORD PTR DS:[ESI]
004AD482 |. FF51 30 CALL DWORD PTR DS:[ECX+30]
004AD485 |. 58 POP EAX ; Corresponding pop to 004AD416
004AD486 |. 85C0 TEST EAX,EAX
004AD488 |. 74 08 JE SHORT doomrl.004AD492
004AD48A |. 48 DEC EAX
004AD48B |. 85C0 TEST EAX,EAX
004AD48D |. E8 5EDCF5FF CALL doomrl.0040B0F0
004AD492 |> 8B4424 30 MOV EAX,DWORD PTR SS:[ESP+30]
004AD496 |. 8B5C24 34 MOV EBX,DWORD PTR SS:[ESP+34]
004AD49A |. 8B7424 38 MOV ESI,DWORD PTR SS:[ESP+38]
004AD49E |. 8B7C24 3C MOV EDI,DWORD PTR SS:[ESP+3C]
004AD4A2 |. 83C4 40 ADD ESP,40
004AD4A5 \. C3 RETN

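To confirm the offset mismatch the annotations describe without single-stepping, the same check can be scripted: track how far ESP has moved below the post-prologue frame base across each PUSH/POP, resolve every [ESP+off] operand to its real frame offset, and compare that against the slot the prologue assigned to the variable the annotation names. This is an added example, not part of the paste; the listing below is a constructed subset of the instructions above, with each operand tagged by the variable the annotations say it is meant to reach.

```python
import re

# Constructed subset of the poster's listing: address, instruction, and (after
# ';') the variable the surrounding annotation says the operand should reach.
LISTING = """\
004AD3D0 SUB ESP,40
004AD3DF MOV BYTE PTR SS:[ESP+28],DL ; AmmoID
004AD3E3 MOV DWORD PTR SS:[ESP+30],0 ; SeekAmmo
004AD3EB MOV BYTE PTR SS:[ESP+2C],0FF ; afnum
004AD416 PUSH EAX
004AD446 CMP AL,BYTE PTR SS:[ESP+28] ; AmmoID
004AD44C MOVZX AX,BYTE PTR SS:[ESP+2C] ; afnum
004AD45B MOV DWORD PTR SS:[ESP+30],EBX ; SeekAmmo
004AD465 MOV BYTE PTR SS:[ESP+2C],AL ; afnum
004AD485 POP EAX
004AD492 MOV EAX,DWORD PTR SS:[ESP+30] ; SeekAmmo
"""

ESP_REF = re.compile(r"\[ESP\+([0-9A-Fa-f]+)\]")

def check_esp_offsets(listing):
    """Resolve each [ESP+off] operand to a frame offset, accounting for the
    bytes ESP has moved below the post-SUB frame base (delta). The first
    access tagged with a variable (in the prologue, delta 0) fixes its slot;
    every later access to that variable must land on the same slot.
    Returns (slots, mismatches)."""
    delta = 0       # bytes ESP currently sits below the frame base
    slots = {}      # variable name -> frame offset assigned in the prologue
    mismatches = []
    for line in listing.splitlines():
        code, _, intent = line.partition(";")
        addr, insn = code.split(" ", 1)
        mnemonic = insn.split()[0]
        if mnemonic == "POP":
            delta -= 4          # POP adjusts ESP before addressing its operand
        m = ESP_REF.search(insn)
        if m:
            raw = int(m.group(1), 16)
            frame_off = raw - delta       # what the CPU actually addresses
            name = intent.strip()
            if name not in slots:
                slots[name] = frame_off   # prologue store defines the slot
            elif frame_off != slots[name]:
                mismatches.append({"addr": addr, "var": name, "operand": raw,
                                   "delta": delta, "frame_off": frame_off,
                                   "expected_operand": slots[name] + delta})
        if mnemonic == "PUSH":
            delta += 4          # PUSH addresses its operand with the old ESP
    return slots, mismatches
```

Every access between the PUSH at 004AD416 and the POP at 004AD485 is reported with the operand the compiler should have emitted (the slot offset plus 4), while the read of SeekAmmo at 004AD492, after the POP, resolves correctly.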